Re: 'dpkg' and setuid
> > Yes, dpkg can only be run as root. Generally, it is necessary to use
> > the root password in order to run dpkg. Running dpkg is limited to
> > people who have the root password. Craig Saunders suggested having a
> > setuid root program for novices. Unfortunately, having a setuid
> > program means that anyone can install any program, included a setuid
> > shell. Having a root password is no longer necessary to do this.
> > Thus the additional security risk.
>
> that's why i said it should only be executable by those in a special
> group (e.g. a group called 'dpkg').
>
> The system admin would have to deliberately add a user to the group for
> them to have the permission to run it.
>
> in other words it is no more of a security hole than dpkg already is.
> i.e. it's as insecure as the system admin chooses to make it.
Wait!
Dpkg is useful as a non-root tool! I use it all the time with "--status"
and "--listfiles". Restricting it to a specific group of people would
be detrimental, IMO.
Brian
( bcwhite@verisim.com )
-------------------------------------------------------------------------------
It's not the days in your life, but the life in your days that counts.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: